Improve fuzzing utilities (#384)

commit: 248221fb77a67e00d2775fcd026e7ea2a7a8b818 [log] [tgz]
author: Felix Weinrank <weinrank@fh-muenster.de> Thu Sep 26 16:53:56 2019 +0200
committer: Michael Tüxen <tuexen@fh-muenster.de> Thu Sep 26 16:53:56 2019 +0200
tree: 14f767b92cee1fb426001c84df5aaa37e219f136
parent: b07df88c8993722bf4197900bda4646c12ab2f99 [diff]
diff --git a/CMakeLists.txt b/CMakeLists.txt
index dfc2fb6..49a226f 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt

@@ -78,10 +78,6 @@
 option(sctp_sanitizer_memory "Compile with memory sanitizer" 0)
 
 option(sctp_build_fuzzer "Compile in clang fuzzing mode" 0)
-if (sctp_build_fuzzer)
-	add_definitions(-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
-	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=fuzzer-no-link")
-endif ()
 
 if (sctp_sanitizer_address AND sctp_sanitizer_memory)
 	message(FATAL_ERROR "Can not compile with both sanitizer options")
@@ -218,15 +214,16 @@
 	endif ()
 
 	if (sctp_sanitizer_address)
-		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=all -fsanitize-address-use-after-scope ")
+		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address,undefined,signed-integer-overflow -fno-omit-frame-pointer -fno-sanitize-recover=all -fsanitize-address-use-after-scope ")
 	endif ()
 
 	if (sctp_sanitizer_memory)
-		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fPIE")
+		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=memory -fno-omit-frame-pointer -fsanitize-memory-track-origins -fPIE")
 	endif ()
 
-	if (sctp_sanitizer_address OR sctp_sanitizer_memory)
-		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fno-omit-frame-pointer -fsanitize-coverage=edge,indirect-calls,trace-cmp,trace-div,trace-gep")
+	if (sctp_build_fuzzer)
+		add_definitions(-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=fuzzer-no-link")
 	endif ()
 
 endif ()

diff --git a/fuzzer/CMakeLists.txt b/fuzzer/CMakeLists.txt
index c2b3427..d60eb5d 100644
--- a/fuzzer/CMakeLists.txt
+++ b/fuzzer/CMakeLists.txt

@@ -60,7 +60,7 @@
 # COMPILER FLAGS
 #################################################
 
-set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-gnu-zero-variadic-macro-arguments")
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-gnu-zero-variadic-macro-arguments -Wno-unused-variable")
 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=fuzzer")
 
 
@@ -68,26 +68,41 @@
 # PROGRAMS
 #################################################
 
-# if in fuzzing mode, only build the fuzzer
-configure_file(crashtest.py crashtest.py COPYONLY)
-configure_file(fuzzer_unconnected.sh fuzzer_unconnected.sh COPYONLY)
-configure_file(fuzzer_connected.sh fuzzer_connected.sh COPYONLY)
+# FUZZING_STAGE LEVELS
+# 0 - MULTI - based on input
+# 1 - COOKIE_WAIT
+# 2 - COOKIE_ECHO
+# 3 - ESTABLISHED
+# 4 - DATA SENT
+# 5 - DATA RECEIVED
 
-list(APPEND check_programs
-	fuzzer_unconnected.c
-	fuzzer_connected.c
-)
+add_executable(fuzzer_listen fuzzer_listen.c ../programs/programs_helper.c)
+target_link_libraries(fuzzer_listen usrsctp-static)
 
-foreach (source_file ${check_programs})
-	get_filename_component(source_file_we ${source_file} NAME_WE)
-	add_executable(
-		${source_file_we}
-		${source_file}
-	)
+add_executable(fuzzer_connect_multi fuzzer_connect.c ../programs/programs_helper.c)
+target_compile_definitions(fuzzer_connect_multi PRIVATE FUZZING_STAGE=0)
+target_link_libraries(fuzzer_connect_multi usrsctp-static)
 
-	target_link_libraries(
-		${source_file_we}
-		usrsctp-static
-	)
-endforeach ()
+add_executable(fuzzer_connect_multi_verbose fuzzer_connect.c ../programs/programs_helper.c)
+target_compile_definitions(fuzzer_connect_multi_verbose PRIVATE FUZZING_STAGE=0 FUZZ_VERBOSE)
+target_link_libraries(fuzzer_connect_multi_verbose usrsctp-static)
 
+# add_executable(fuzzer_connect_cookie_wait fuzzer_connect.c)
+# target_compile_definitions(fuzzer_connect_cookie_wait PRIVATE FUZZING_STAGE=1)
+# target_link_libraries(fuzzer_connect_cookie_wait usrsctp-static)
+
+# add_executable(fuzzer_connect_cookie_echoed fuzzer_connect.c)
+# target_compile_definitions(fuzzer_connect_cookie_echoed PRIVATE FUZZING_STAGE=2)
+# target_link_libraries(fuzzer_connect_cookie_echoed usrsctp-static)
+
+# add_executable(fuzzer_connect_established fuzzer_connect.c)
+# target_compile_definitions(fuzzer_connect_established PRIVATE FUZZING_STAGE=3)
+# target_link_libraries(fuzzer_connect_established usrsctp-static)
+
+# add_executable(fuzzer_connect_data_sent fuzzer_connect.c)
+# target_compile_definitions(fuzzer_connect_data_sent PRIVATE FUZZING_STAGE=4)
+# target_link_libraries(fuzzer_connect_data_sent usrsctp-static)
+
+# add_executable(fuzzer_connect_data_received fuzzer_connect.c)
+# target_compile_definitions(fuzzer_connect_data_received PRIVATE FUZZING_STAGE=5)
+# target_link_libraries(fuzzer_connect_data_received usrsctp-static)

diff --git a/fuzzer/CORPUS_CONNECT/crash-0a63175dc6b51474dc08197431ec36d11db5e77b b/fuzzer/CORPUS_CONNECT/crash-0a63175dc6b51474dc08197431ec36d11db5e77b
new file mode 100644
index 0000000..d90d892
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/crash-0a63175dc6b51474dc08197431ec36d11db5e77b
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/crash-27ffd53d682a7908bf7569e32d904f049066b5d6 b/fuzzer/CORPUS_CONNECT/crash-27ffd53d682a7908bf7569e32d904f049066b5d6
new file mode 100644
index 0000000..640bdb9
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/crash-27ffd53d682a7908bf7569e32d904f049066b5d6
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/data-1.bin b/fuzzer/CORPUS_CONNECT/data-1.bin
new file mode 100644
index 0000000..eea64c9
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/data-1.bin
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/init-ack-1.bin b/fuzzer/CORPUS_CONNECT/init-ack-1.bin
new file mode 100644
index 0000000..89abce3
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/init-ack-1.bin
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/leak-00bd871f5ce0596083fe8642c803c97f424b0c70 b/fuzzer/CORPUS_CONNECT/leak-00bd871f5ce0596083fe8642c803c97f424b0c70
new file mode 100644
index 0000000..0ed6e7b
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/leak-00bd871f5ce0596083fe8642c803c97f424b0c70
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/shutdown-1.bin b/fuzzer/CORPUS_CONNECT/shutdown-1.bin
new file mode 100644
index 0000000..27a757f
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/shutdown-1.bin
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/shutdown-ack-1.bin b/fuzzer/CORPUS_CONNECT/shutdown-ack-1.bin
new file mode 100644
index 0000000..307a4f9
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/shutdown-ack-1.bin
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000028 b/fuzzer/CORPUS_CONNECT/shutdown-complete-1.bin
similarity index 100%
copy from fuzzer/CORPUS_CONNECTED/tsctp-000028
copy to fuzzer/CORPUS_CONNECT/shutdown-complete-1.bin
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/timeout-00b96dd43f1251438bb44daa0a5a24ae4df5bce5 b/fuzzer/CORPUS_CONNECT/timeout-00b96dd43f1251438bb44daa0a5a24ae4df5bce5
new file mode 100644
index 0000000..0a8a271
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/timeout-00b96dd43f1251438bb44daa0a5a24ae4df5bce5
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000000 b/fuzzer/CORPUS_CONNECT/tsctp-0-000000
new file mode 100644
index 0000000..f79236f
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000000
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000001 b/fuzzer/CORPUS_CONNECT/tsctp-0-000001
new file mode 100644
index 0000000..f4296e2
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000001
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000002 b/fuzzer/CORPUS_CONNECT/tsctp-0-000002
new file mode 100644
index 0000000..f083809
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000002
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000003 b/fuzzer/CORPUS_CONNECT/tsctp-0-000003
new file mode 100644
index 0000000..d279214
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000003
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000004 b/fuzzer/CORPUS_CONNECT/tsctp-0-000004
new file mode 100644
index 0000000..4082340
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000004
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000005 b/fuzzer/CORPUS_CONNECT/tsctp-0-000005
new file mode 100644
index 0000000..a4c1a10
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000005
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000006 b/fuzzer/CORPUS_CONNECT/tsctp-0-000006
new file mode 100644
index 0000000..ec6e84e
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000006
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000007 b/fuzzer/CORPUS_CONNECT/tsctp-0-000007
new file mode 100644
index 0000000..4ef78de
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000007
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000008 b/fuzzer/CORPUS_CONNECT/tsctp-0-000008
new file mode 100644
index 0000000..106f680
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000008
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000009 b/fuzzer/CORPUS_CONNECT/tsctp-0-000009
new file mode 100644
index 0000000..ec39c43
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000009
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000010 b/fuzzer/CORPUS_CONNECT/tsctp-0-000010
new file mode 100644
index 0000000..56baf88
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000010
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000011 b/fuzzer/CORPUS_CONNECT/tsctp-0-000011
new file mode 100644
index 0000000..8027871
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000011
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000012 b/fuzzer/CORPUS_CONNECT/tsctp-0-000012
new file mode 100644
index 0000000..3b2d5fc
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000012
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000013 b/fuzzer/CORPUS_CONNECT/tsctp-0-000013
new file mode 100644
index 0000000..1393713
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000013
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000014 b/fuzzer/CORPUS_CONNECT/tsctp-0-000014
new file mode 100644
index 0000000..f5b5739
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000014
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000015 b/fuzzer/CORPUS_CONNECT/tsctp-0-000015
new file mode 100644
index 0000000..77c29e8
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000015
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000016 b/fuzzer/CORPUS_CONNECT/tsctp-0-000016
new file mode 100644
index 0000000..877542c
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000016
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000017 b/fuzzer/CORPUS_CONNECT/tsctp-0-000017
new file mode 100644
index 0000000..d9dd08d
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000017
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000018 b/fuzzer/CORPUS_CONNECT/tsctp-0-000018
new file mode 100644
index 0000000..9521d02
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000018
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000019 b/fuzzer/CORPUS_CONNECT/tsctp-0-000019
new file mode 100644
index 0000000..7eb61c5
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000019
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000020 b/fuzzer/CORPUS_CONNECT/tsctp-0-000020
new file mode 100644
index 0000000..f8a97e7
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000020
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000021 b/fuzzer/CORPUS_CONNECT/tsctp-0-000021
new file mode 100644
index 0000000..a32de60
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000021
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000022 b/fuzzer/CORPUS_CONNECT/tsctp-0-000022
new file mode 100644
index 0000000..7a294e8
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000022
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000023 b/fuzzer/CORPUS_CONNECT/tsctp-0-000023
new file mode 100644
index 0000000..d11a4d8
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000023
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000024 b/fuzzer/CORPUS_CONNECT/tsctp-0-000024
new file mode 100644
index 0000000..7fd3d3e
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000024
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000025 b/fuzzer/CORPUS_CONNECT/tsctp-0-000025
new file mode 100644
index 0000000..8f97c90
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000025
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000026 b/fuzzer/CORPUS_CONNECT/tsctp-0-000026
new file mode 100644
index 0000000..c30ac34
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000026
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000027 b/fuzzer/CORPUS_CONNECT/tsctp-0-000027
new file mode 100644
index 0000000..0cbcaec
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000027
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000028 b/fuzzer/CORPUS_CONNECT/tsctp-0-000028
new file mode 100644
index 0000000..8aaa226
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000028
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000029 b/fuzzer/CORPUS_CONNECT/tsctp-0-000029
new file mode 100644
index 0000000..3a8661b
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000029
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000030 b/fuzzer/CORPUS_CONNECT/tsctp-0-000030
new file mode 100644
index 0000000..731d3a6
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000030
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000031 b/fuzzer/CORPUS_CONNECT/tsctp-0-000031
new file mode 100644
index 0000000..5cc00a9
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000031
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000032 b/fuzzer/CORPUS_CONNECT/tsctp-0-000032
new file mode 100644
index 0000000..5d9df11
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000032
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000033 b/fuzzer/CORPUS_CONNECT/tsctp-0-000033
new file mode 100644
index 0000000..ae63b69
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000033
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000034 b/fuzzer/CORPUS_CONNECT/tsctp-0-000034
new file mode 100644
index 0000000..9c03a10
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000034
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000035 b/fuzzer/CORPUS_CONNECT/tsctp-0-000035
new file mode 100644
index 0000000..07a557b
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000035
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000036 b/fuzzer/CORPUS_CONNECT/tsctp-0-000036
new file mode 100644
index 0000000..1a1a097
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000036
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000037 b/fuzzer/CORPUS_CONNECT/tsctp-0-000037
new file mode 100644
index 0000000..965b943
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000037
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000038 b/fuzzer/CORPUS_CONNECT/tsctp-0-000038
new file mode 100644
index 0000000..ddcf498
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000038
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000039 b/fuzzer/CORPUS_CONNECT/tsctp-0-000039
new file mode 100644
index 0000000..ac7aa38
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000039
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000040 b/fuzzer/CORPUS_CONNECT/tsctp-0-000040
new file mode 100644
index 0000000..6f71eda
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000040
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000041 b/fuzzer/CORPUS_CONNECT/tsctp-0-000041
new file mode 100644
index 0000000..dfb81ca
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000041
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000042 b/fuzzer/CORPUS_CONNECT/tsctp-0-000042
new file mode 100644
index 0000000..84cf653
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000042
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000043 b/fuzzer/CORPUS_CONNECT/tsctp-0-000043
new file mode 100644
index 0000000..a240ae5
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000043
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000044 b/fuzzer/CORPUS_CONNECT/tsctp-0-000044
new file mode 100644
index 0000000..b2af6ac
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000044
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000045 b/fuzzer/CORPUS_CONNECT/tsctp-0-000045
new file mode 100644
index 0000000..91433ce
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000045
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000046 b/fuzzer/CORPUS_CONNECT/tsctp-0-000046
new file mode 100644
index 0000000..1b7bc64
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000046
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000047 b/fuzzer/CORPUS_CONNECT/tsctp-0-000047
new file mode 100644
index 0000000..7ba7e4e
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000047
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000048 b/fuzzer/CORPUS_CONNECT/tsctp-0-000048
new file mode 100644
index 0000000..41b04f8
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000048
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000049 b/fuzzer/CORPUS_CONNECT/tsctp-0-000049
new file mode 100644
index 0000000..58749f0
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000049
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000050 b/fuzzer/CORPUS_CONNECT/tsctp-0-000050
new file mode 100644
index 0000000..fb3e097
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000050
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000051 b/fuzzer/CORPUS_CONNECT/tsctp-0-000051
new file mode 100644
index 0000000..2eda240
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000051
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000052 b/fuzzer/CORPUS_CONNECT/tsctp-0-000052
new file mode 100644
index 0000000..e51adc4
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000052
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000053 b/fuzzer/CORPUS_CONNECT/tsctp-0-000053
new file mode 100644
index 0000000..5acacab
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000053
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000054 b/fuzzer/CORPUS_CONNECT/tsctp-0-000054
new file mode 100644
index 0000000..aeff74f
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000054
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000055 b/fuzzer/CORPUS_CONNECT/tsctp-0-000055
new file mode 100644
index 0000000..3772545
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000055
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000056 b/fuzzer/CORPUS_CONNECT/tsctp-0-000056
new file mode 100644
index 0000000..3987dd6
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000056
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000057 b/fuzzer/CORPUS_CONNECT/tsctp-0-000057
new file mode 100644
index 0000000..19da6c1
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000057
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000058 b/fuzzer/CORPUS_CONNECT/tsctp-0-000058
new file mode 100644
index 0000000..9245cfb
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000058
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000059 b/fuzzer/CORPUS_CONNECT/tsctp-0-000059
new file mode 100644
index 0000000..918afac
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000059
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000060 b/fuzzer/CORPUS_CONNECT/tsctp-0-000060
new file mode 100644
index 0000000..bb8f9fc
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000060
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000061 b/fuzzer/CORPUS_CONNECT/tsctp-0-000061
new file mode 100644
index 0000000..9a83cec
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000061
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000062 b/fuzzer/CORPUS_CONNECT/tsctp-0-000062
new file mode 100644
index 0000000..ecd5507
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000062
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000063 b/fuzzer/CORPUS_CONNECT/tsctp-0-000063
new file mode 100644
index 0000000..cfd7943
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000063
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000064 b/fuzzer/CORPUS_CONNECT/tsctp-0-000064
new file mode 100644
index 0000000..aa5c2a9
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000064
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000065 b/fuzzer/CORPUS_CONNECT/tsctp-0-000065
new file mode 100644
index 0000000..9e03feb
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000065
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000066 b/fuzzer/CORPUS_CONNECT/tsctp-0-000066
new file mode 100644
index 0000000..ecfee6f
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000066
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000067 b/fuzzer/CORPUS_CONNECT/tsctp-0-000067
new file mode 100644
index 0000000..f2d0fd7
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000067
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000068 b/fuzzer/CORPUS_CONNECT/tsctp-0-000068
new file mode 100644
index 0000000..2f80c38
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000068
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000069 b/fuzzer/CORPUS_CONNECT/tsctp-0-000069
new file mode 100644
index 0000000..b638508
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000069
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000070 b/fuzzer/CORPUS_CONNECT/tsctp-0-000070
new file mode 100644
index 0000000..84cbe7e
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000070
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000071 b/fuzzer/CORPUS_CONNECT/tsctp-0-000071
new file mode 100644
index 0000000..8b31e58
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000071
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000072 b/fuzzer/CORPUS_CONNECT/tsctp-0-000072
new file mode 100644
index 0000000..4e33bd4
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000072
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000073 b/fuzzer/CORPUS_CONNECT/tsctp-0-000073
new file mode 100644
index 0000000..61894e9
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000073
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000074 b/fuzzer/CORPUS_CONNECT/tsctp-0-000074
new file mode 100644
index 0000000..3d97960
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000074
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000075 b/fuzzer/CORPUS_CONNECT/tsctp-0-000075
new file mode 100644
index 0000000..4e2955a
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000075
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000076 b/fuzzer/CORPUS_CONNECT/tsctp-0-000076
new file mode 100644
index 0000000..6b7b1aa
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000076
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000077 b/fuzzer/CORPUS_CONNECT/tsctp-0-000077
new file mode 100644
index 0000000..1f9e418
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000077
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000078 b/fuzzer/CORPUS_CONNECT/tsctp-0-000078
new file mode 100644
index 0000000..9a6a022
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000078
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000079 b/fuzzer/CORPUS_CONNECT/tsctp-0-000079
new file mode 100644
index 0000000..4474d30
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000079
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000080 b/fuzzer/CORPUS_CONNECT/tsctp-0-000080
new file mode 100644
index 0000000..97023f2
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000080
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000081 b/fuzzer/CORPUS_CONNECT/tsctp-0-000081
new file mode 100644
index 0000000..9241f2a
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000081
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000082 b/fuzzer/CORPUS_CONNECT/tsctp-0-000082
new file mode 100644
index 0000000..bb7bbf1
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000082
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000083 b/fuzzer/CORPUS_CONNECT/tsctp-0-000083
new file mode 100644
index 0000000..5ed12e9
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000083
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000084 b/fuzzer/CORPUS_CONNECT/tsctp-0-000084
new file mode 100644
index 0000000..6c312bc
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000084
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000085 b/fuzzer/CORPUS_CONNECT/tsctp-0-000085
new file mode 100644
index 0000000..e36a192
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000085
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000086 b/fuzzer/CORPUS_CONNECT/tsctp-0-000086
new file mode 100644
index 0000000..65efd28
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000086
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000087 b/fuzzer/CORPUS_CONNECT/tsctp-0-000087
new file mode 100644
index 0000000..307a4f9
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000087
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000088 b/fuzzer/CORPUS_CONNECT/tsctp-0-000088
new file mode 100644
index 0000000..2ba7040
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000088
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000089 b/fuzzer/CORPUS_CONNECT/tsctp-0-000089
new file mode 100644
index 0000000..2cc53e6
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000089
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000090 b/fuzzer/CORPUS_CONNECT/tsctp-0-000090
new file mode 100644
index 0000000..ab7701b
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000090
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000091 b/fuzzer/CORPUS_CONNECT/tsctp-0-000091
new file mode 100644
index 0000000..e883f01
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000091
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000092 b/fuzzer/CORPUS_CONNECT/tsctp-0-000092
new file mode 100644
index 0000000..d279214
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000092
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000093 b/fuzzer/CORPUS_CONNECT/tsctp-0-000093
new file mode 100644
index 0000000..51c2e97
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000093
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000094 b/fuzzer/CORPUS_CONNECT/tsctp-0-000094
new file mode 100644
index 0000000..bfd3d00
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000094
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000095 b/fuzzer/CORPUS_CONNECT/tsctp-0-000095
new file mode 100644
index 0000000..f7a1cc4
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000095
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000096 b/fuzzer/CORPUS_CONNECT/tsctp-0-000096
new file mode 100644
index 0000000..3ea5c3d
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000096
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000097 b/fuzzer/CORPUS_CONNECT/tsctp-0-000097
new file mode 100644
index 0000000..67de3ed
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000097
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000098 b/fuzzer/CORPUS_CONNECT/tsctp-0-000098
new file mode 100644
index 0000000..8196918
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000098
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000099 b/fuzzer/CORPUS_CONNECT/tsctp-0-000099
new file mode 100644
index 0000000..663df65
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000099
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000100 b/fuzzer/CORPUS_CONNECT/tsctp-0-000100
new file mode 100644
index 0000000..e44d1a8
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000100
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000101 b/fuzzer/CORPUS_CONNECT/tsctp-0-000101
new file mode 100644
index 0000000..c723117
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000101
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000102 b/fuzzer/CORPUS_CONNECT/tsctp-0-000102
new file mode 100644
index 0000000..e0b6be3
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000102
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000103 b/fuzzer/CORPUS_CONNECT/tsctp-0-000103
new file mode 100644
index 0000000..7ca45f4
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000103
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000104 b/fuzzer/CORPUS_CONNECT/tsctp-0-000104
new file mode 100644
index 0000000..c6c321e
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000104
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000105 b/fuzzer/CORPUS_CONNECT/tsctp-0-000105
new file mode 100644
index 0000000..cbcfd14
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000105
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000106 b/fuzzer/CORPUS_CONNECT/tsctp-0-000106
new file mode 100644
index 0000000..664a6f8
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000106
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000107 b/fuzzer/CORPUS_CONNECT/tsctp-0-000107
new file mode 100644
index 0000000..3b2fb4e
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000107
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000108 b/fuzzer/CORPUS_CONNECT/tsctp-0-000108
new file mode 100644
index 0000000..dc23562
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000108
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000109 b/fuzzer/CORPUS_CONNECT/tsctp-0-000109
new file mode 100644
index 0000000..6a622b7
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000109
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000110 b/fuzzer/CORPUS_CONNECT/tsctp-0-000110
new file mode 100644
index 0000000..f097235
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000110
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000111 b/fuzzer/CORPUS_CONNECT/tsctp-0-000111
new file mode 100644
index 0000000..a8df479
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000111
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000112 b/fuzzer/CORPUS_CONNECT/tsctp-0-000112
new file mode 100644
index 0000000..1fa63ed
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000112
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000113 b/fuzzer/CORPUS_CONNECT/tsctp-0-000113
new file mode 100644
index 0000000..3806111
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000113
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000114 b/fuzzer/CORPUS_CONNECT/tsctp-0-000114
new file mode 100644
index 0000000..e790c90
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000114
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000115 b/fuzzer/CORPUS_CONNECT/tsctp-0-000115
new file mode 100644
index 0000000..be2b06a
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000115
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000116 b/fuzzer/CORPUS_CONNECT/tsctp-0-000116
new file mode 100644
index 0000000..307a4f9
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000116
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECT/tsctp-0-000117 b/fuzzer/CORPUS_CONNECT/tsctp-0-000117
new file mode 100644
index 0000000..2ba7040
--- /dev/null
+++ b/fuzzer/CORPUS_CONNECT/tsctp-0-000117
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000000 b/fuzzer/CORPUS_CONNECT/tsctp-000000
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000000
rename to fuzzer/CORPUS_CONNECT/tsctp-000000
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000001 b/fuzzer/CORPUS_CONNECT/tsctp-000001
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000001
rename to fuzzer/CORPUS_CONNECT/tsctp-000001
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000002 b/fuzzer/CORPUS_CONNECT/tsctp-000002
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000002
rename to fuzzer/CORPUS_CONNECT/tsctp-000002
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000003 b/fuzzer/CORPUS_CONNECT/tsctp-000003
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000003
rename to fuzzer/CORPUS_CONNECT/tsctp-000003
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000004 b/fuzzer/CORPUS_CONNECT/tsctp-000004
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000004
rename to fuzzer/CORPUS_CONNECT/tsctp-000004
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000005 b/fuzzer/CORPUS_CONNECT/tsctp-000005
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000005
rename to fuzzer/CORPUS_CONNECT/tsctp-000005
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000006 b/fuzzer/CORPUS_CONNECT/tsctp-000006
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000006
rename to fuzzer/CORPUS_CONNECT/tsctp-000006
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000007 b/fuzzer/CORPUS_CONNECT/tsctp-000007
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000007
rename to fuzzer/CORPUS_CONNECT/tsctp-000007
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000008 b/fuzzer/CORPUS_CONNECT/tsctp-000008
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000008
rename to fuzzer/CORPUS_CONNECT/tsctp-000008
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000009 b/fuzzer/CORPUS_CONNECT/tsctp-000009
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000009
rename to fuzzer/CORPUS_CONNECT/tsctp-000009
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000010 b/fuzzer/CORPUS_CONNECT/tsctp-000010
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000010
rename to fuzzer/CORPUS_CONNECT/tsctp-000010
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000011 b/fuzzer/CORPUS_CONNECT/tsctp-000011
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000011
rename to fuzzer/CORPUS_CONNECT/tsctp-000011
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000012 b/fuzzer/CORPUS_CONNECT/tsctp-000012
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000012
rename to fuzzer/CORPUS_CONNECT/tsctp-000012
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000013 b/fuzzer/CORPUS_CONNECT/tsctp-000013
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000013
rename to fuzzer/CORPUS_CONNECT/tsctp-000013
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000014 b/fuzzer/CORPUS_CONNECT/tsctp-000014
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000014
rename to fuzzer/CORPUS_CONNECT/tsctp-000014
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000015 b/fuzzer/CORPUS_CONNECT/tsctp-000015
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000015
rename to fuzzer/CORPUS_CONNECT/tsctp-000015
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000016 b/fuzzer/CORPUS_CONNECT/tsctp-000016
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000016
rename to fuzzer/CORPUS_CONNECT/tsctp-000016
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000017 b/fuzzer/CORPUS_CONNECT/tsctp-000017
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000017
rename to fuzzer/CORPUS_CONNECT/tsctp-000017
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000018 b/fuzzer/CORPUS_CONNECT/tsctp-000018
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000018
rename to fuzzer/CORPUS_CONNECT/tsctp-000018
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000019 b/fuzzer/CORPUS_CONNECT/tsctp-000019
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000019
rename to fuzzer/CORPUS_CONNECT/tsctp-000019
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000020 b/fuzzer/CORPUS_CONNECT/tsctp-000020
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000020
rename to fuzzer/CORPUS_CONNECT/tsctp-000020
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000021 b/fuzzer/CORPUS_CONNECT/tsctp-000021
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000021
rename to fuzzer/CORPUS_CONNECT/tsctp-000021
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000022 b/fuzzer/CORPUS_CONNECT/tsctp-000022
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000022
rename to fuzzer/CORPUS_CONNECT/tsctp-000022
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000023 b/fuzzer/CORPUS_CONNECT/tsctp-000023
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000023
rename to fuzzer/CORPUS_CONNECT/tsctp-000023
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000024 b/fuzzer/CORPUS_CONNECT/tsctp-000024
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000024
rename to fuzzer/CORPUS_CONNECT/tsctp-000024
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000025 b/fuzzer/CORPUS_CONNECT/tsctp-000025
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000025
rename to fuzzer/CORPUS_CONNECT/tsctp-000025
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000026 b/fuzzer/CORPUS_CONNECT/tsctp-000026
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000026
rename to fuzzer/CORPUS_CONNECT/tsctp-000026
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000027 b/fuzzer/CORPUS_CONNECT/tsctp-000027
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000027
rename to fuzzer/CORPUS_CONNECT/tsctp-000027
Binary files differ

diff --git a/fuzzer/CORPUS_CONNECTED/tsctp-000028 b/fuzzer/CORPUS_CONNECT/tsctp-000028
similarity index 100%
rename from fuzzer/CORPUS_CONNECTED/tsctp-000028
rename to fuzzer/CORPUS_CONNECT/tsctp-000028
Binary files differ

diff --git a/fuzzer/CORPUS_LISTEN/init-1.bin b/fuzzer/CORPUS_LISTEN/init-1.bin
new file mode 100644
index 0000000..1bda440
--- /dev/null
+++ b/fuzzer/CORPUS_LISTEN/init-1.bin
Binary files differ

diff --git a/fuzzer/build-fuzzer.sh b/fuzzer/build-fuzzer.sh
new file mode 100755
index 0000000..f188031
--- /dev/null
+++ b/fuzzer/build-fuzzer.sh

@@ -0,0 +1,30 @@
+#!/bin/sh
+set -e
+
+NPROC=1
+
+if [ "$(uname)" = "Linux" ]; then
+    NPROC=$(nproc)
+    CC=clang-9
+elif [ "$(uname)" = "Darwin" ]; then
+    NPROC=$(sysctl -n hw.ncpu)
+    CC=/usr/local/opt/llvm/bin/clang
+elif [ "$(uname)" = "FreeBSD" ]; then
+    NPROC=$(sysctl -n hw.ncpu)
+    CC=clang90
+else
+    echo "Error: $(uname) not supported, sorry!"
+    exit 1
+fi
+
+if ! [ -x "$(command -v $CC)" ]; then
+    echo "Error: $CC is not installed!" >&2
+    exit 1
+fi
+
+echo "OS :" $(uname)
+echo "CC :" $CC
+echo "NP :" $NPROC
+
+cmake -Dsctp_build_fuzzer=1 -Dsctp_build_programs=0 -Dsctp_invariants=1 -Dsctp_sanitizer_address=1  -DCMAKE_C_COMPILER="$CC" -DCMAKE_BUILD_TYPE=RelWithDebInfo .
+make -j"$NPROC"

diff --git a/fuzzer/chain.sh b/fuzzer/chain.sh
new file mode 100755
index 0000000..bdaf497
--- /dev/null
+++ b/fuzzer/chain.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+#set -e
+
+make
+echo "Beginning..."
+#./fuzzer_connected CORPUS_CONNECTED/tsctp-000005 2>fuzzer.log
+#./fuzzer_connect_data_sent CORPUS_CONNECT/data-1.bin 2>fuzzer.log
+#./fuzzer_connect_data_received CORPUS_CONNECT/data-1.bin 2>fuzzer.log
+#./fuzzer_connect_multi -timeout=6 timeout-00b96dd43f1251438bb44daa0a5a24ae4df5bce5 2>fuzzer.log
+./fuzzer_connect_multi_verbose -timeout=6 leak-00bd871f5ce0596083fe8642c803c97f424b0c70 2>fuzzer.log
+echo "Fuzzing finished"
+grep "# SCTP_PACKET" fuzzer.log > text2pcap.log
+text2pcap -n -l 248 -D -t "%H:%M:%S." text2pcap.log fuzzer.pcapng
+wireshark fuzzer.pcapng

diff --git a/fuzzer/crashtest.py b/fuzzer/crashtest.py
index d9c3fe6..865cd11 100755
--- a/fuzzer/crashtest.py
+++ b/fuzzer/crashtest.py

@@ -4,7 +4,7 @@
 import os
 
 reportdir = "reports/"
-fuzzer = "./fuzzer_connected"
+fuzzer = "./fuzzer_connect_multi"
 
 class bcolors:
 	HEADER = '\033[95m'
@@ -23,6 +23,7 @@
 crashfiles = []
 crashfiles.extend(glob.glob("crash-*"))
 crashfiles.extend(glob.glob("timeout-*"))
+crashfiles.extend(glob.glob("leak-*"))
 
 if not os.path.exists(reportdir):
 	os.makedirs(reportdir)

diff --git a/fuzzer/fuzzer_connect.c b/fuzzer/fuzzer_connect.c
new file mode 100644
index 0000000..859c5bd
--- /dev/null
+++ b/fuzzer/fuzzer_connect.c

@@ -0,0 +1,476 @@
+/*
+ * Copyright (C) 2017-2019 Felix Weinrank
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the project nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.	IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+#include <sys/time.h>
+#include <usrsctp.h>
+#include "../programs/programs_helper.h"
+
+//#define FUZZ_VERBOSE
+#define FUZZ_INTERLEAVING
+#define FUZZ_EXPLICIT_EOR
+#define FUZZ_STREAM_RESET
+#define FUZZ_DISABLE_LINGER
+
+#define BUFFERSIZE 4096
+
+static uint32_t assoc_vtag = 0;
+
+#ifdef FUZZ_VERBOSE
+#define fuzzer_printf(...)                       \
+	do {                                        \
+		fprintf(stderr, "[P]");                 \
+		debug_printf_runtime();                 \
+		fprintf(stderr, __VA_ARGS__);           \
+	} while (0)
+#else
+#define fuzzer_printf(...)
+#endif
+
+static void
+dump_packet(const void *buffer, size_t bufferlen, int inout) {
+#ifdef FUZZ_VERBOSE
+	static char *dump_buf;
+	if ((dump_buf = usrsctp_dumppacket(buffer, bufferlen, inout)) != NULL) {
+		fprintf(stderr, "%s", dump_buf);
+		usrsctp_freedumpbuffer(dump_buf);
+	}
+#endif
+}
+
+static int
+conn_output(void *addr, void *buf, size_t length, uint8_t tos, uint8_t set_df)
+{
+	struct sctp_init_chunk *init_chunk;
+	const char *init_chunk_first_bytes = "\x13\x88\x13\x89\x00\x00\x00\x00\x00\x00\x00\x00\x01";
+	// length >= (12 Common + 16 min INIT)
+	if ((length >= 28) && (memcmp(buf, init_chunk_first_bytes, 12) == 0)) {
+		//fuzzer_printf("length %d / sizeof %lu\n", length, sizeof(struct sctp_common_header));
+		init_chunk = (struct sctp_init_chunk*) ((char *)buf + sizeof(struct sctp_common_header));
+		fuzzer_printf("Found outgoing INIT, extracting VTAG : %u\n", init_chunk->initiate_tag);
+		assoc_vtag = init_chunk->initiate_tag;
+	}
+
+	dump_packet(buf, length, SCTP_DUMP_OUTBOUND);
+	return (0);
+}
+
+
+static void
+handle_upcall(struct socket *sock, void *arg, int flgs)
+{
+	fuzzer_printf("handle_upcall()\n");
+	int events = usrsctp_get_events(sock);
+
+	while (events & SCTP_EVENT_READ) {
+		struct sctp_recvv_rn rn;
+		ssize_t n;
+		struct sockaddr_in addr;
+		char *buf = calloc(1, BUFFERSIZE);
+		int flags = 0;
+		socklen_t len = (socklen_t)sizeof(struct sockaddr_in);
+		unsigned int infotype = 0;
+		socklen_t infolen = sizeof(struct sctp_recvv_rn);
+		memset(&rn, 0, sizeof(struct sctp_recvv_rn));
+		n = usrsctp_recvv(sock, buf, BUFFERSIZE, (struct sockaddr *) &addr, &len, (void *)&rn, &infolen, &infotype, &flags);
+		fuzzer_printf("usrsctp_recvv() - returned %zd\n", n);
+
+		if (flags & MSG_NOTIFICATION) {
+			fuzzer_printf("NOTIFICATION received\n");
+#ifdef FUZZ_VERBOSE
+			handle_notification((union sctp_notification *)buf, n);
+#endif
+		} else {
+			fuzzer_printf("DATA received\n");
+		}
+
+		free(buf);
+
+		if (n <= 0) {
+			break;
+		}
+
+		events = usrsctp_get_events(sock);
+	}
+}
+
+
+int
+initialize_fuzzer(void) {
+#ifdef FUZZ_VERBOSE
+	usrsctp_init(0, conn_output, debug_printf_stack);
+#else
+	usrsctp_init(0, conn_output, NULL);
+#endif
+
+	usrsctp_enable_crc32c_offload();
+	/* set up a connected UDP socket */
+#ifdef SCTP_DEBUG
+	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_ALL);
+#endif
+	usrsctp_register_address((void *)1);
+
+	fuzzer_printf("usrsctp initialized\n");
+	return (1);
+}
+
+
+int
+LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
+{
+	static int initialized;
+	char *fuzzed_packet_buffer;
+	struct sockaddr_in bind4;
+	struct sockaddr_conn sconn;
+	struct socket *socket_client;
+	struct linger so_linger;
+	struct sctp_event event;
+	unsigned long i;
+	struct sctp_common_header* common_header;
+	uint16_t event_types[] = {
+		SCTP_ASSOC_CHANGE,
+		SCTP_PEER_ADDR_CHANGE,
+		SCTP_SEND_FAILED_EVENT,
+		SCTP_REMOTE_ERROR,
+		SCTP_SHUTDOWN_EVENT,
+		SCTP_ADAPTATION_INDICATION,
+		SCTP_PARTIAL_DELIVERY_EVENT
+	};
+	uint8_t fuzzing_stage = FUZZING_STAGE;
+	int fuzzed_packet_size;
+	int enable;
+#if defined(FUZZ_STREAM_RESET) || defined(FUZZ_INTERLEAVING)
+	struct sctp_assoc_value assoc_val;
+#endif
+
+	// WITH COMMON HEADER!
+	char fuzz_init_ack[] = "\x13\x89\x13\x88\x54\xc2\x7c\x46\x00\x00\x00\x00\x02\x00\x01\xf8" \
+		"\xc7\xa1\xb0\x4d\x00\x1c\x71\xc7\x00\x0a\xff\xff\x03\x91\x94\x1b" \
+		"\x80\x00\x00\x04\xc0\x00\x00\x04\x80\x08\x00\x09\xc0\x0f\xc1\x80" \
+		"\x82\x00\x00\x00\x80\x02\x00\x24\x61\x6c\x7e\x52\x2a\xdb\xe0\xa2" \
+		"\xaa\x78\x25\x1e\x12\xc5\x01\x9e\x4c\x60\x16\xdf\x01\x6d\xa1\xd5" \
+		"\xcd\xbe\xa7\x5d\xa2\x73\xf4\x1b\x80\x04\x00\x08\x00\x03\x00\x01" \
+		"\x80\x03\x00\x07\x00\x80\xc1\x00\x00\x06\x00\x14\x2a\x02\xc6\xa0" \
+		"\x40\x15\x00\x11\x00\x00\x00\x00\x00\x00\x00\x83\x00\x05\x00\x08" \
+		"\xd4\xc9\x79\x53\x00\x07\x01\x80\x4b\x41\x4d\x45\x2d\x42\x53\x44" \
+		"\x20\x31\x2e\x31\x00\x00\x00\x00\x64\x11\x49\x00\x00\x00\x00\x00" \
+		"\xac\xde\x0c\x00\x00\x00\x00\x00\x60\xea\x00\x00\x00\x00\x00\x00" \
+		"\x00\x00\x00\x00\xb2\xd4\x38\x45\xc7\xa1\xb0\x4d\xd4\xc9\x79\x52" \
+		"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00" \
+		"\xd4\xc9\x79\x53\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" \
+		"\x05\x00\x00\x00\x00\x00\x00\x00\xd9\x05\x13\x89\x01\x01\x00\x00" \
+		"\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x80\x45\x38\xd4\xb2" \
+		"\x00\x1c\x71\xc7\x00\x01\xff\xff\xac\x40\x9b\x94\x80\x00\x00\x04" \
+		"\xc0\x00\x00\x04\x80\x08\x00\x09\xc0\x0f\xc1\x80\x82\x00\x00\x00" \
+		"\x80\x02\x00\x24\xc8\x24\x46\x8c\x7e\x88\x2e\xb7\x88\x8b\xdd\xa1" \
+		"\x55\x8b\xb4\xc0\x26\xe3\x21\xbb\xb0\x66\xfd\xb2\xd4\xde\xf9\x77" \
+		"\x4f\xe4\x7c\xbf\x80\x04\x00\x08\x00\x03\x00\x01\x80\x03\x00\x07" \
+		"\x00\x80\xc1\x00\x00\x0c\x00\x08\x00\x05\x00\x06\x00\x06\x00\x14" \
+		"\x2a\x02\xc6\xa0\x40\x15\x00\x11\x00\x00\x00\x00\x00\x00\x00\x82" \
+		"\x00\x05\x00\x08\xd4\xc9\x79\x52\x02\x00\x01\xf8\xc7\xa1\xb0\x4d" \
+		"\x00\x1c\x71\xc7\x00\x01\xff\xff\x03\x91\x94\x1b\x80\x00\x00\x04" \
+		"\xc0\x00\x00\x04\x80\x08\x00\x09\xc0\x0f\xc1\x80\x82\x00\x00\x00" \
+		"\x80\x02\x00\x24\x61\x6c\x7e\x52\x2a\xdb\xe0\xa2\xaa\x78\x25\x1e" \
+		"\x12\xc5\x01\x9e\x4c\x60\x16\xdf\x01\x6d\xa1\xd5\xcd\xbe\xa7\x5d" \
+		"\xa2\x73\xf4\x1b\x80\x04\x00\x08\x00\x03\x00\x01\x80\x03\x00\x07" \
+		"\x00\x80\xc1\x00\x00\x06\x00\x14\x2a\x02\xc6\xa0\x40\x15\x00\x11" \
+		"\x00\x00\x00\x00\x00\x00\x00\x83\x00\x05\x00\x08\xd4\xc9\x79\x53" \
+		"\x64\x30\x8a\xb9\x7c\xe5\x93\x69\x52\xa9\xc8\xd5\xa1\x1b\x7d\xef" \
+		"\xea\xfa\x23\x32";
+
+	// WITH COMMON HEADER!
+	char fuzz_cookie_ack[] = "\x13\x89\x13\x88\x54\xc2\x7c\x46\x00\x00\x00\x00\x0b\x00\x00\x04";
+
+	// WITH COMMON HEADER!
+	char fuzz_abort[] = "\x13\x89\x13\x88\x54\xc2\x7c\x46\x00\x00\x00\x00\x06\x00\x00\x08\x00\x0c\x00\x04";
+
+	// WITH COMMON HEADER!
+	char fuzz_i_data[] = "\x13\x89\x13\x88\x54\xc2\x7c\x46\x00\x00\x00\x00" \
+		"\x00\x1b\x04\x42\xa3\x58\x90\xe2\xba\x9e\x8c\xfc\x08\x00\x45\x02" \
+		"\x04\x34\x00\x00\x40\x00\x40\x84\x9a\x0b\xd4\xc9\x79\x52\xd4\xc9" \
+		"\x79\x53\x65\x75\x13\x89\x11\x97\x93\x37\x26\x6c\xb7\x65\x40\x02" \
+		"\x04\x14\x96\xff\xad\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" \
+		"\x00\x27\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" \
+		"\x41\x41";
+
+	char fuzz_common_header[] = "\x13\x89\x13\x88\x54\xc2\x7c\x46\x00\x00\x00\x00";
+
+	if (!fuzzing_stage) {
+		fuzzing_stage = (data[0] % 5) + 1;
+	}
+
+	fuzzer_printf("LLVMFuzzerTestOneInput() - Stage %d\n", fuzzing_stage);
+
+	if (!initialized) {
+		initialized = initialize_fuzzer();
+	}
+
+	if (data_size < 8 || data_size > 65535) {
+		// Skip too small and too large packets
+		fuzzer_printf("data_size %zu makes no sense, skipping\n", data_size);
+		return (0);
+	}
+
+	if ((socket_client = usrsctp_socket(AF_CONN, SOCK_STREAM, IPPROTO_SCTP, NULL, NULL, 0, 0)) == NULL) {
+		perror("usrsctp_socket");
+		exit(EXIT_FAILURE);
+	}
+
+	usrsctp_set_non_blocking(socket_client, 1);
+
+	so_linger.l_onoff = 1;
+	so_linger.l_linger = 0;
+	if (usrsctp_setsockopt(socket_client, SOL_SOCKET, SO_LINGER, &so_linger, sizeof(struct linger)) < 0) {
+		perror("usrsctp_setsockopt 1");
+		exit(EXIT_FAILURE);
+	}
+
+	memset(&event, 0, sizeof(event));
+	event.se_assoc_id = SCTP_FUTURE_ASSOC;
+	event.se_on = 1;
+	for (i = 0; i < (sizeof(event_types) / sizeof(uint16_t)); i++) {
+		event.se_type = event_types[i];
+		if (usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_EVENT, &event, sizeof(event)) < 0) {
+			perror("setsockopt SCTP_EVENT socket_client");
+			exit(EXIT_FAILURE);
+		}
+	}
+
+	enable = 1;
+	if (usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_RECVRCVINFO, &enable, sizeof(enable)) < 0) {
+		perror("setsockopt SCTP_RECVRCVINFO socket_client");
+		exit(EXIT_FAILURE);
+	}
+
+	enable = 1;
+	if (usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_RECVNXTINFO, &enable, sizeof(enable)) < 0) {
+		perror("setsockopt SCTP_RECVNXTINFO socket_client");
+		exit(EXIT_FAILURE);
+	}
+
+#if defined(FUZZ_EXPLICIT_EOR)
+	enable = 1;
+	if (usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_EXPLICIT_EOR, &enable, sizeof(enable)) < 0) {
+		perror("setsockopt SCTP_EXPLICIT_EOR socket_client");
+		exit(EXIT_FAILURE);
+	}
+#endif // defined(FUZZ_EXPLICIT_EOR)
+
+#if defined(FUZZ_STREAM_RESET)
+	assoc_val.assoc_id = SCTP_ALL_ASSOC;
+	assoc_val.assoc_value = SCTP_ENABLE_RESET_STREAM_REQ | SCTP_ENABLE_CHANGE_ASSOC_REQ;
+	if (usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_ENABLE_STREAM_RESET, &assoc_val, sizeof(struct sctp_assoc_value)) < 0) {
+		perror("setsockopt SCTP_ENABLE_STREAM_RESET socket_client");
+		exit(EXIT_FAILURE);
+	}
+#endif //defined(FUZZ_STREAM_RESET)
+
+#if defined(FUZZ_INTERLEAVING)
+#if !defined(SCTP_INTERLEAVING_SUPPORTED)
+#define SCTP_INTERLEAVING_SUPPORTED 0x00001206
+#endif // !defined(SCTP_INTERLEAVING_SUPPORTED)
+	enable = 2;
+	if (usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_FRAGMENT_INTERLEAVE, &enable, sizeof(enable)) < 0) {
+		perror("usrsctp_setsockopt SCTP_FRAGMENT_INTERLEAVE socket_client");
+		exit(EXIT_FAILURE);
+	}
+
+	memset(&assoc_val, 0, sizeof(assoc_val));
+	assoc_val.assoc_value = 1;
+	if (usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_INTERLEAVING_SUPPORTED, &assoc_val, sizeof(assoc_val)) < 0) {
+		perror("usrsctp_setsockopt SCTP_INTERLEAVING_SUPPORTED socket_client");
+		exit(EXIT_FAILURE);
+	}
+#endif // defined(FUZZ_INTERLEAVING)
+
+	memset((void *)&bind4, 0, sizeof(struct sockaddr_in));
+#ifdef HAVE_SIN_LEN
+	bind4.sin_len = sizeof(struct sockaddr_in6);
+#endif
+	bind4.sin_family = AF_INET;
+	bind4.sin_port = htons(5000);
+	bind4.sin_addr.s_addr = htonl(INADDR_ANY);
+
+	if (usrsctp_bind(socket_client, (struct sockaddr *)&bind4, sizeof(bind4)) < 0) {
+		perror("bind");
+		usrsctp_close(socket_client);
+		exit(EXIT_FAILURE);
+	}
+
+	usrsctp_set_upcall(socket_client, handle_upcall, NULL);
+
+	memset(&sconn, 0, sizeof(struct sockaddr_conn));
+	sconn.sconn_family = AF_CONN;
+#ifdef HAVE_SCONN_LEN
+	sconn.sconn_len = sizeof(struct sockaddr_conn);
+#endif
+	sconn.sconn_port = htons(5001);
+	sconn.sconn_addr = (void *)1;
+
+	fuzzer_printf("Calling usrsctp_connect()\n");
+	if (usrsctp_connect(socket_client, (struct sockaddr *)&sconn, sizeof(struct sockaddr_conn)) < 0) {
+		if (errno != EINPROGRESS) {
+			perror("usrsctp_connect");
+			exit(EXIT_FAILURE);
+		}
+	}
+
+	if (fuzzing_stage > 0) {
+		fuzzer_printf("Injecting INIT_ACK\n");
+
+		common_header = (struct sctp_common_header*) fuzz_init_ack;
+		common_header->verification_tag = assoc_vtag;
+
+		dump_packet(fuzz_init_ack, 516, SCTP_DUMP_INBOUND);
+		usrsctp_conninput((void *)1, fuzz_init_ack, 516, 0);
+	}
+
+	if (fuzzing_stage > 1) {
+		fuzzer_printf("Injecting COOKIE_ACK\n");
+
+		common_header = (struct sctp_common_header*) fuzz_cookie_ack;
+		common_header->verification_tag = assoc_vtag;
+
+		dump_packet(fuzz_cookie_ack, 16, SCTP_DUMP_INBOUND);
+		usrsctp_conninput((void *)1, fuzz_cookie_ack, 16, 0);
+	}
+
+	if (fuzzing_stage == 4) {
+		const char *sendbuffer = "Geologie ist keine richtige Wissenschaft!";
+		fuzzer_printf("Calling usrsctp_sendv()\n");
+		usrsctp_sendv(socket_client, sendbuffer, strlen(sendbuffer), NULL, 0, NULL, 0, SCTP_SENDV_NOINFO, 0);
+	}
+
+	if (fuzzing_stage == 5) {
+		fuzzer_printf("Injecting I_DATA\n");
+
+		common_header = (struct sctp_common_header*) fuzz_i_data;
+		common_header->verification_tag = assoc_vtag;
+
+		dump_packet(fuzz_i_data, 1102, SCTP_DUMP_INBOUND);
+		usrsctp_conninput((void *)1, fuzz_i_data, 1102, 0);
+	}
+
+	// Inject fuzzed packet - we skip the first byte cause we are using it for stage decision
+	fuzzed_packet_size = data_size + 12 - 1;
+	fuzzed_packet_buffer = malloc(fuzzed_packet_size);
+	memcpy(fuzzed_packet_buffer, fuzz_common_header, 12); // common header
+	memcpy(fuzzed_packet_buffer + 12, data + 1, data_size - 1);
+
+	common_header = (struct sctp_common_header*) fuzzed_packet_buffer;
+	common_header->verification_tag = assoc_vtag;
+
+	fuzzer_printf("Injecting FUZZER-Packet\n");
+	dump_packet(fuzzed_packet_buffer, fuzzed_packet_size, SCTP_DUMP_INBOUND);
+	usrsctp_conninput((void *)1, fuzzed_packet_buffer, fuzzed_packet_size, 0);
+
+	fuzzer_printf("Calling usrsctp_close()\n");
+	usrsctp_close(socket_client);
+
+	free(fuzzed_packet_buffer);
+
+#if 0
+	fuzzer_printf("Calling usrsctp_finish()\n");
+	while (usrsctp_finish() != 0) {
+	}
+	fuzzer_printf("Done!\n");
+#endif
+
+	return (0);
+}
+
+
+

diff --git a/fuzzer/fuzzer_connect_multi.sh b/fuzzer/fuzzer_connect_multi.sh
new file mode 100755
index 0000000..665cfd6
--- /dev/null
+++ b/fuzzer/fuzzer_connect_multi.sh

@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+
+export ASAN_OPTIONS=abort_on_error=1:disable_core=0:unmap_shadow_on_exit=1:disable_coredump=0
+ulimit -c unlimited
+mkdir -p CORPUS_CONNECT
+
+NPROC=1
+
+if [[ "$OSTYPE" == "linux-gnu" ]]; then
+    NPROC=$(nproc)
+elif [[ "$OSTYPE" == "darwin"* ]]; then
+    NPROC=$(sysctl -n hw.ncpu)
+elif [[ "$OSTYPE" == "freebsd"* ]]; then
+    NPROC=$(sysctl -n hw.ncpu)
+else
+    exit 1
+fi
+
+echo "$NPROC"
+
+
+./fuzzer_connect_multi -jobs=64 -timeout=10 -max_len=4086 CORPUS_CONNECT

diff --git a/fuzzer/fuzzer_connected.c b/fuzzer/fuzzer_connected.c
deleted file mode 100644
index ab04983..0000000
--- a/fuzzer/fuzzer_connected.c
+++ /dev/null

@@ -1,236 +0,0 @@
-/*
- * Copyright (C) 2017-2019 Felix Weinrank
- *
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.	IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <stdarg.h>
-#include <sys/time.h>
-#include <usrsctp.h>
-
-//#define FUZZ_VERBOSE
-
-static const char *init_ack = "\x13\x89\xe7\xd0\xef\x38\x12\x25\x00\x00\x00\x00\x02\x00\x01\x4c" \
-"\x20\x0f\x67\x0d\x00\x02\x00\x00\x00\x04\x00\x04\xbd\xf0\x8d\x18" \
-"\xc0\x00\x00\x04\x80\x08\x00\x09\xc0\x0f\xc1\x80\x82\x00\x00\x00" \
-"\x80\x02\x00\x24\xfd\x30\xc7\x17\x34\x27\x17\x1c\xa2\xc6\x78\x20" \
-"\x62\xc3\xa1\x3f\xb6\x86\x92\x42\xc5\x0b\xb6\x36\xd7\xf6\xf4\x19" \
-"\xee\xd3\xc9\x1e\x80\x04\x00\x06\x00\x01\x00\x00\x80\x03\x00\x06" \
-"\x80\xc1\x00\x00\x00\x07\x00\xf4\x4b\x41\x4d\x45\x2d\x42\x53\x44" \
-"\x20\x31\x2e\x31\x00\x00\x00\x00\x25\xfa\x5e\x5d\x00\x00\x00\x00" \
-"\xe6\xc3\x0a\x00\x00\x00\x00\x00\x60\xea\x00\x00\x54\x6f\x2d\xff" \
-"\xd1\x7f\x68\x2a\x00\x00\x00\x01\x20\x0f\x67\x0d\x80\x3b\x00\x00" \
-"\xc0\x60\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00" \
-"\x80\x3b\x00\x00\xc0\x60\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" \
-"\x04\x00\x00\x00\x00\x00\x00\x00\x13\x88\x13\x88\x00\x00\x01\x00" \
-"\x01\x01\x01\x00\x00\x00\x00\x00\x01\x00\x00\x14\x01\x00\x00\x00" \
-"\x00\x00\x20\x00\x00\x08\x00\x08\x00\x00\x00\x01\x02\x00\x01\x4c" \
-"\x20\x0f\x67\x0d\x00\x02\x00\x00\x00\x04\x00\x04\xbd\xf0\x8d\x18" \
-"\xc0\x00\x00\x04\x80\x08\x00\x09\xc0\x0f\xc1\x80\x82\x00\x00\x00" \
-"\x80\x02\x00\x24\xfd\x30\xc7\x17\x34\x27\x17\x1c\xa2\xc6\x78\x20" \
-"\x62\xc3\xa1\x3f\xb6\x86\x92\x42\xc5\x0b\xb6\x36\xd7\xf6\xf4\x19" \
-"\xee\xd3\xc9\x1e\x80\x04\x00\x06\x00\x01\x00\x00\x80\x03\x00\x06" \
-"\x80\xc1\x00\x00\x41\xc3\xed\x62\x2c\x1c\x3c\x03\x41\x6d\x17\xc8" \
-"\xd8\x64\xff\xe2\x25\xd6\x81\x9e";
-
-static const char *cookie_ack = "\x13\x89\xe7\xd0\xef\x38\x12\x25\x00\x00\x00\x00\x0b\x00\x00\x04";
-static const char *common_header = "\x13\x89\xe7\xd0\xef\x38\x12\x25\x00\x00\x00\x00";
-
-#ifdef FUZZ_VERBOSE
-static char *dump_buf;
-void
-debug_printf(const char *format, ...)
-{
-	static struct timeval time_main;
-
-	va_list ap;
-	struct timeval time_now;
-	struct timeval time_delta;
-
-	if (time_main.tv_sec == 0  && time_main.tv_usec == 0) {
-		gettimeofday(&time_main, NULL);
-	}
-
-	gettimeofday(&time_now, NULL);
-	timersub(&time_now, &time_main, &time_delta);
-
-	fprintf(stderr, "[%u.%03u] ", (unsigned int) time_delta.tv_sec, (unsigned int) time_delta.tv_usec / 1000);
-
-	va_start(ap, format);
-	vprintf(format, ap);
-	va_end(ap);
-}
-#else
-void
-debug_printf(const char *format, ...)
-{
-}
-#endif
-
-
-static int
-conn_output(void *addr, void *buf, size_t length, uint8_t tos, uint8_t set_df)
-{
-#ifdef FUZZ_VERBOSE
-	if ((dump_buf = usrsctp_dumppacket(buf, length, SCTP_DUMP_OUTBOUND)) != NULL) {
-		fprintf(stderr, "%s", dump_buf);
-		usrsctp_freedumpbuffer(dump_buf);
-	}
-#endif
-	return (0);
-}
-
-
-static void
-handle_upcall(struct socket *sock, void *arg, int flgs)
-{
-	debug_printf("handle_upcall() called - implement logic!\n");
-}
-
-
-int
-initialize_fuzzer(void) {
-#ifdef FUZZ_VERBOSE
-	usrsctp_init(0, conn_output, debug_printf);
-#else
-	usrsctp_init(0, conn_output, NULL);
-#endif
-	usrsctp_enable_crc32c_offload();
-	/* set up a connected UDP socket */
-#ifdef SCTP_DEBUG
-	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_ALL);
-#endif
-	usrsctp_register_address((void *)1);
-	debug_printf("usrsctp initialized\n");
-	return 1;
-}
-
-
-int
-LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
-{
-	static int initialized;
-	char *pktbuf;
-	struct sockaddr_conn sconn;
-	struct socket *socket_client;
-	struct linger so_linger;
-	struct sctp_event event;
-	unsigned long i;
-	uint16_t event_types[] = {
-		SCTP_ASSOC_CHANGE,
-		SCTP_PEER_ADDR_CHANGE,
-		SCTP_SEND_FAILED_EVENT,
-		SCTP_REMOTE_ERROR,
-		SCTP_SHUTDOWN_EVENT,
-		SCTP_ADAPTATION_INDICATION,
-		SCTP_PARTIAL_DELIVERY_EVENT
-	};
-
-	if (!initialized) {
-		initialized = initialize_fuzzer();
-	}
-
-	if ((socket_client = usrsctp_socket(AF_CONN, SOCK_STREAM, IPPROTO_SCTP, NULL, NULL, 0, 0)) == NULL) {
-		perror("usrsctp_socket");
-		exit(EXIT_FAILURE);
-	}
-
-	usrsctp_set_non_blocking(socket_client, 1);
-
-	so_linger.l_onoff = 1;
-	so_linger.l_linger = 0;
-	if (usrsctp_setsockopt(socket_client, SOL_SOCKET, SO_LINGER, &so_linger, sizeof(struct linger)) < 0) {
-		perror("usrsctp_setsockopt 1");
-		exit(EXIT_FAILURE);
-	}
-
-	memset(&event, 0, sizeof(event));
-	event.se_assoc_id = SCTP_FUTURE_ASSOC;
-	event.se_on = 1;
-	for (i = 0; i < sizeof(event_types)/sizeof(uint16_t); i++) {
-		event.se_type = event_types[i];
-		if (usrsctp_setsockopt(socket_client, IPPROTO_SCTP, SCTP_EVENT, &event, sizeof(event)) < 0) {
-			perror("setsockopt SCTP_EVENT socket_client");
-			exit(EXIT_FAILURE);
-		}
-	}
-
-	usrsctp_set_upcall(socket_client, handle_upcall, NULL);
-
-	memset(&sconn, 0, sizeof(struct sockaddr_conn));
-	sconn.sconn_family = AF_CONN;
-#ifdef HAVE_SCONN_LEN
-	sconn.sconn_len = sizeof(struct sockaddr_conn);
-#endif
-	sconn.sconn_port = htons(5001);
-	sconn.sconn_addr = (void *)1;
-	if (usrsctp_connect(socket_client, (struct sockaddr *)&sconn, sizeof(struct sockaddr_conn)) < 0) {
-		if (errno != EINPROGRESS) {
-			perror("usrsctp_connect");
-			exit(EXIT_FAILURE);
-		}
-	}
-
-#ifdef FUZZ_VERBOSE
-	if ((dump_buf = usrsctp_dumppacket(init_ack, 344, SCTP_DUMP_INBOUND)) != NULL) {
-		fprintf(stderr, "%s", dump_buf);
-		usrsctp_freedumpbuffer(dump_buf);
-	}
-#endif
-	usrsctp_conninput((void *)1, init_ack, 344, 0);
-
-#ifdef FUZZ_VERBOSE
-	if ((dump_buf = usrsctp_dumppacket(cookie_ack, 16, SCTP_DUMP_INBOUND)) != NULL) {
-		fprintf(stderr, "%s", dump_buf);
-		usrsctp_freedumpbuffer(dump_buf);
-	}
-#endif
-	usrsctp_conninput((void *)1, cookie_ack, 16, 0);
-
-	// concat common header and fuzzer input
-	pktbuf = malloc(data_size + 12);
-	memcpy(pktbuf, common_header, 12);
-	memcpy(pktbuf + 12, data, data_size);
-
-#ifdef FUZZ_VERBOSE
-	debug_printf(">>>> INJECTING\n");
-	if ((dump_buf = usrsctp_dumppacket(pktbuf, data_size + 12, SCTP_DUMP_INBOUND)) != NULL) {
-		fprintf(stderr, "%s", dump_buf);
-		usrsctp_freedumpbuffer(dump_buf);
-	}
-#endif
-	usrsctp_conninput((void *)1, pktbuf, data_size + 12, 0);
-
-	usrsctp_close(socket_client);
-	free(pktbuf);
-	return (0);
-}
-
-

diff --git a/fuzzer/fuzzer_connected.sh b/fuzzer/fuzzer_connected.sh
deleted file mode 100755
index b591bb9..0000000
--- a/fuzzer/fuzzer_connected.sh
+++ /dev/null

@@ -1,5 +0,0 @@
-#!/bin/bash
-export ASAN_OPTIONS=abort_on_error=1:disable_core=0:unmap_shadow_on_exit=1:disable_coredump=0
-ulimit -c unlimited
-mkdir -p CORPUS_CONNECTED
-./fuzzer_connected -jobs=32 -timeout=10 -max_len=4086 CORPUS_CONNECTED

diff --git a/fuzzer/fuzzer_unconnected.c b/fuzzer/fuzzer_listen.c
similarity index 92%
rename from fuzzer/fuzzer_unconnected.c
rename to fuzzer/fuzzer_listen.c
index 2cc353f..5ada7e5 100644
--- a/fuzzer/fuzzer_unconnected.c
+++ b/fuzzer/fuzzer_listen.c

@@ -32,6 +32,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <usrsctp.h>
+#include "../programs/programs_helper.h"
 
 #define FUZZ_FAST 1
 
@@ -54,7 +55,7 @@
 static void
 handle_upcall(struct socket *sock, void *arg, int flgs)
 {
-	fprintf(stderr, "Listening socket established, implement logic!\n");
+	debug_printf("Listening socket established, implement logic!\n");
 	exit(EXIT_FAILURE);
 }
 
@@ -78,9 +79,14 @@
 	}
 #endif
 
+#ifdef FUZZ_VERBOSE
+	usrsctp_init(0, conn_output, debug_printf_stack);
+#else
 	usrsctp_init(0, conn_output, NULL);
+#endif
+
 	usrsctp_enable_crc32c_offload();
-	/* set up a connected UDP socket */
+	
 #ifdef SCTP_DEBUG
 	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_ALL);
 #endif
@@ -133,6 +139,11 @@
 LLVMFuzzerTestOneInput(const uint8_t* data, size_t data_size)
 {
 	init_fuzzer();
+
+	if (data_size < 8 || data_size > 65535) {
+		// Skip too small and too large packets
+		return (0);
+	}
 	usrsctp_conninput((void *)1, data, data_size, 0);
 
 #if !defined(FUZZ_FAST)

diff --git a/fuzzer/fuzzer_listen.sh b/fuzzer/fuzzer_listen.sh
new file mode 100755
index 0000000..4a70dec
--- /dev/null
+++ b/fuzzer/fuzzer_listen.sh

@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+export ASAN_OPTIONS=abort_on_error=1:disable_core=0:unmap_shadow_on_exit=1:disable_coredump=0
+ulimit -c unlimited
+mkdir -p CORPUS_LISTEN
+./fuzzer_listen -jobs=32 -timeout=10 -max_len=4086 CORPUS_LISTEN

diff --git a/fuzzer/fuzzer_unconnected.sh b/fuzzer/fuzzer_unconnected.sh
deleted file mode 100755
index d9efd52..0000000
--- a/fuzzer/fuzzer_unconnected.sh
+++ /dev/null

@@ -1,5 +0,0 @@
-#!/bin/bash
-export ASAN_OPTIONS=abort_on_error=1:disable_core=0:unmap_shadow_on_exit=1:disable_coredump=0
-ulimit -c unlimited
-mkdir -p CORPUS_UNCONNECTED
-./fuzzer_unconnected -jobs=32 -timeout=10 -max_len=4086 CORPUS_UNCONNECTED

diff --git a/programs/chargen_server_upcall.c b/programs/chargen_server_upcall.c
index 20c5a8f..263bd20 100644
--- a/programs/chargen_server_upcall.c
+++ b/programs/chargen_server_upcall.c

@@ -159,9 +159,9 @@
 	const int on = 1;
 
 	if (argc > 1) {
-		usrsctp_init(atoi(argv[1]), NULL, debug_printf);
+		usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
 	} else {
-		usrsctp_init(9899, NULL, debug_printf);
+		usrsctp_init(9899, NULL, debug_printf_stack);
 	}
 #ifdef SCTP_DEBUG
 	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_NONE);

diff --git a/programs/client.c b/programs/client.c
index 578a787..8a15a7b 100644
--- a/programs/client.c
+++ b/programs/client.c

@@ -107,9 +107,9 @@
 		return (-1);
 	}
 	if (argc > 4) {
-		usrsctp_init(atoi(argv[4]), NULL, debug_printf);
+		usrsctp_init(atoi(argv[4]), NULL, debug_printf_stack);
 	} else {
-		usrsctp_init(9899, NULL, debug_printf);
+		usrsctp_init(9899, NULL, debug_printf_stack);
 	}
 #ifdef SCTP_DEBUG
 	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_NONE);

diff --git a/programs/client_upcall.c b/programs/client_upcall.c
index b7b25f6..9d55a38 100644
--- a/programs/client_upcall.c
+++ b/programs/client_upcall.c

@@ -142,9 +142,9 @@
 	int i, n;
 
 	if (argc > 4) {
-		usrsctp_init(atoi(argv[4]), NULL, debug_printf);
+		usrsctp_init(atoi(argv[4]), NULL, debug_printf_stack);
 	} else {
-		usrsctp_init(9899, NULL, debug_printf);
+		usrsctp_init(9899, NULL, debug_printf_stack);
 	}
 #ifdef SCTP_DEBUG
 	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_NONE);

diff --git a/programs/daytime_server.c b/programs/daytime_server.c
index 3047558..3e03dc1 100644
--- a/programs/daytime_server.c
+++ b/programs/daytime_server.c

@@ -70,9 +70,9 @@
 	struct sctp_sndinfo sndinfo;
 
 	if (argc > 1) {
-		usrsctp_init(atoi(argv[1]), NULL, debug_printf);
+		usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
 	} else {
-		usrsctp_init(9899, NULL, debug_printf);
+		usrsctp_init(9899, NULL, debug_printf_stack);
 	}
 #ifdef SCTP_DEBUG
 	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_NONE);

diff --git a/programs/daytime_server_upcall.c b/programs/daytime_server_upcall.c
index 522f3f1..b85cb25 100644
--- a/programs/daytime_server_upcall.c
+++ b/programs/daytime_server_upcall.c

@@ -91,9 +91,9 @@
 	struct sctp_udpencaps encaps;
 
 	if (argc > 1) {
-		usrsctp_init(atoi(argv[1]), NULL, debug_printf);
+		usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
 	} else {
-		usrsctp_init(9899, NULL, debug_printf);
+		usrsctp_init(9899, NULL, debug_printf_stack);
 	}
 #ifdef SCTP_DEBUG
 	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_NONE);

diff --git a/programs/discard_server.c b/programs/discard_server.c
index 5584247..e469b36 100644
--- a/programs/discard_server.c
+++ b/programs/discard_server.c

@@ -139,9 +139,9 @@
 	unsigned int infotype;
 
 	if (argc > 1) {
-		usrsctp_init(atoi(argv[1]), NULL, debug_printf);
+		usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
 	} else {
-		usrsctp_init(9899, NULL, debug_printf);
+		usrsctp_init(9899, NULL, debug_printf_stack);
 	}
 #ifdef SCTP_DEBUG
 	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_ALL);

diff --git a/programs/discard_server_upcall.c b/programs/discard_server_upcall.c
index 986a950..881bf0d 100644
--- a/programs/discard_server_upcall.c
+++ b/programs/discard_server_upcall.c

@@ -155,9 +155,9 @@
 	const int on = 1;
 
 	if (argc > 1) {
-		usrsctp_init(atoi(argv[1]), NULL, debug_printf);
+		usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
 	} else {
-		usrsctp_init(9899, NULL, debug_printf);
+		usrsctp_init(9899, NULL, debug_printf_stack);
 	}
 #ifdef SCTP_DEBUG
 	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_NONE);

diff --git a/programs/echo_server.c b/programs/echo_server.c
index 4b4a3e5..f59a99c 100644
--- a/programs/echo_server.c
+++ b/programs/echo_server.c

@@ -154,9 +154,9 @@
 	unsigned int infotype;
 
 	if (argc > 1) {
-		usrsctp_init(atoi(argv[1]), NULL, debug_printf);
+		usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
 	} else {
-		usrsctp_init(9899, NULL, debug_printf);
+		usrsctp_init(9899, NULL, debug_printf_stack);
 	}
 #ifdef SCTP_DEBUG
 	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_NONE);

diff --git a/programs/echo_server_upcall.c b/programs/echo_server_upcall.c
index 4c966cd..8ecdfe4 100644
--- a/programs/echo_server_upcall.c
+++ b/programs/echo_server_upcall.c

@@ -172,9 +172,9 @@
 	const int on = 1;
 
 	if (argc > 1) {
-		usrsctp_init(atoi(argv[1]), NULL, debug_printf);
+		usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
 	} else {
-		usrsctp_init(9899, NULL, debug_printf);
+		usrsctp_init(9899, NULL, debug_printf_stack);
 	}
 #ifdef SCTP_DEBUG
 	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_NONE);

diff --git a/programs/ekr_client.c b/programs/ekr_client.c
index af0b834..6aa045d 100644
--- a/programs/ekr_client.c
+++ b/programs/ekr_client.c

@@ -186,7 +186,7 @@
 		exit (EXIT_FAILURE);
 	}
 #endif
-	usrsctp_init(0, conn_output, debug_printf);
+	usrsctp_init(0, conn_output, debug_printf_stack);
 	/* set up a connected UDP socket */
 #ifdef _WIN32
 	if ((fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == INVALID_SOCKET) {

diff --git a/programs/ekr_loop.c b/programs/ekr_loop.c
index 6598800..582c116 100644
--- a/programs/ekr_loop.c
+++ b/programs/ekr_loop.c

@@ -297,7 +297,7 @@
 		exit (EXIT_FAILURE);
 	}
 #endif
-	usrsctp_init(0, conn_output, debug_printf);
+	usrsctp_init(0, conn_output, debug_printf_stack);
 	/* set up a connected UDP socket */
 #ifdef _WIN32
 	if ((fd_c = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == INVALID_SOCKET) {

diff --git a/programs/ekr_loop_offload.c b/programs/ekr_loop_offload.c
index 13d3e61..5184bef 100644
--- a/programs/ekr_loop_offload.c
+++ b/programs/ekr_loop_offload.c

@@ -314,7 +314,7 @@
 		exit (EXIT_FAILURE);
 	}
 #endif
-	usrsctp_init(0, conn_output, debug_printf);
+	usrsctp_init(0, conn_output, debug_printf_stack);
 	usrsctp_enable_crc32c_offload();
 	/* set up a connected UDP socket */
 #ifdef _WIN32

diff --git a/programs/ekr_loop_upcall.c b/programs/ekr_loop_upcall.c
index 9d1406d..d225fee 100644
--- a/programs/ekr_loop_upcall.c
+++ b/programs/ekr_loop_upcall.c

@@ -327,7 +327,7 @@
 		exit (EXIT_FAILURE);
 	}
 #endif
-	usrsctp_init(0, conn_output, debug_printf);
+	usrsctp_init(0, conn_output, debug_printf_stack);
 	/* set up a connected UDP socket */
 #ifdef _WIN32
 	if ((fd_c = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == INVALID_SOCKET) {

diff --git a/programs/ekr_peer.c b/programs/ekr_peer.c
index d51568c..f278d5b 100644
--- a/programs/ekr_peer.c
+++ b/programs/ekr_peer.c

@@ -181,7 +181,7 @@
 		exit(EXIT_FAILURE);
 	}
 #endif
-	usrsctp_init(0, conn_output, debug_printf);
+	usrsctp_init(0, conn_output, debug_printf_stack);
 	/* set up a connected UDP socket */
 #ifdef _WIN32
 	if ((fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == INVALID_SOCKET) {

diff --git a/programs/ekr_server.c b/programs/ekr_server.c
index 187d8d7..2fdfcc2 100644
--- a/programs/ekr_server.c
+++ b/programs/ekr_server.c

@@ -184,7 +184,7 @@
 		exit (EXIT_FAILURE);
 	}
 #endif
-	usrsctp_init(0, conn_output, debug_printf);
+	usrsctp_init(0, conn_output, debug_printf_stack);
 	/* set up a connected UDP socket */
 #ifdef _WIN32
 	if ((fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == INVALID_SOCKET) {

diff --git a/programs/http_client.c b/programs/http_client.c
index ca14c89..def0384 100644
--- a/programs/http_client.c
+++ b/programs/http_client.c

@@ -159,9 +159,9 @@
 	}
 
 	if (argc > 4) {
-		usrsctp_init(atoi(argv[4]), NULL, debug_printf);
+		usrsctp_init(atoi(argv[4]), NULL, debug_printf_stack);
 	} else {
-		usrsctp_init(9899, NULL, debug_printf);
+		usrsctp_init(9899, NULL, debug_printf_stack);
 	}
 
 #ifdef SCTP_DEBUG

diff --git a/programs/http_client_upcall.c b/programs/http_client_upcall.c
index e2c0503..5583b54 100644
--- a/programs/http_client_upcall.c
+++ b/programs/http_client_upcall.c

@@ -187,9 +187,9 @@
 	}
 
 	if (argc > 4) {
-		usrsctp_init(atoi(argv[4]), NULL, debug_printf);
+		usrsctp_init(atoi(argv[4]), NULL, debug_printf_stack);
 	} else {
-		usrsctp_init(9899, NULL, debug_printf);
+		usrsctp_init(9899, NULL, debug_printf_stack);
 	}
 
 #ifdef SCTP_DEBUG

diff --git a/programs/programs_helper.c b/programs/programs_helper.c
index 0119f30..4cfea15 100644
--- a/programs/programs_helper.c
+++ b/programs/programs_helper.c

@@ -32,11 +32,8 @@
 #endif
 
 void
-debug_printf(const char *format, ...)
-{
+debug_printf_runtime(void) {
 	static struct timeval time_main;
-
-	va_list ap;
 	struct timeval time_now;
 	struct timeval time_delta;
 
@@ -48,9 +45,20 @@
 	timersub(&time_now, &time_main, &time_delta);
 
 	fprintf(stderr, "[%u.%03u] ", (unsigned int) time_delta.tv_sec, (unsigned int) time_delta.tv_usec / 1000);
+}
+
+
+void
+debug_printf_stack(const char *format, ...)
+{
+	va_list ap;
+
+	fprintf(stderr, "[S]");
+
+	debug_printf_runtime();
 
 	va_start(ap, format);
-	vprintf(format, ap);
+	vfprintf(stderr, format, ap);
 	va_end(ap);
 }
 
@@ -59,63 +67,63 @@
 {
 	unsigned int i, n;
 
-	printf("Association change ");
+	fprintf(stderr, "Association change ");
 	switch (sac->sac_state) {
 	case SCTP_COMM_UP:
-		printf("SCTP_COMM_UP");
+		fprintf(stderr, "SCTP_COMM_UP");
 		break;
 	case SCTP_COMM_LOST:
-		printf("SCTP_COMM_LOST");
+		fprintf(stderr, "SCTP_COMM_LOST");
 		break;
 	case SCTP_RESTART:
-		printf("SCTP_RESTART");
+		fprintf(stderr, "SCTP_RESTART");
 		break;
 	case SCTP_SHUTDOWN_COMP:
-		printf("SCTP_SHUTDOWN_COMP");
+		fprintf(stderr, "SCTP_SHUTDOWN_COMP");
 		break;
 	case SCTP_CANT_STR_ASSOC:
-		printf("SCTP_CANT_STR_ASSOC");
+		fprintf(stderr, "SCTP_CANT_STR_ASSOC");
 		break;
 	default:
-		printf("UNKNOWN");
+		fprintf(stderr, "UNKNOWN");
 		break;
 	}
-	printf(", streams (in/out) = (%u/%u)",
+	fprintf(stderr, ", streams (in/out) = (%u/%u)",
 	       sac->sac_inbound_streams, sac->sac_outbound_streams);
 	n = sac->sac_length - sizeof(struct sctp_assoc_change);
 	if (((sac->sac_state == SCTP_COMM_UP) ||
 	     (sac->sac_state == SCTP_RESTART)) && (n > 0)) {
-		printf(", supports");
+		fprintf(stderr, ", supports");
 		for (i = 0; i < n; i++) {
 			switch (sac->sac_info[i]) {
 			case SCTP_ASSOC_SUPPORTS_PR:
-				printf(" PR");
+				fprintf(stderr, " PR");
 				break;
 			case SCTP_ASSOC_SUPPORTS_AUTH:
-				printf(" AUTH");
+				fprintf(stderr, " AUTH");
 				break;
 			case SCTP_ASSOC_SUPPORTS_ASCONF:
-				printf(" ASCONF");
+				fprintf(stderr, " ASCONF");
 				break;
 			case SCTP_ASSOC_SUPPORTS_MULTIBUF:
-				printf(" MULTIBUF");
+				fprintf(stderr, " MULTIBUF");
 				break;
 			case SCTP_ASSOC_SUPPORTS_RE_CONFIG:
-				printf(" RE-CONFIG");
+				fprintf(stderr, " RE-CONFIG");
 				break;
 			default:
-				printf(" UNKNOWN(0x%02x)", sac->sac_info[i]);
+				fprintf(stderr, " UNKNOWN(0x%02x)", sac->sac_info[i]);
 				break;
 			}
 		}
 	} else if (((sac->sac_state == SCTP_COMM_LOST) ||
 	            (sac->sac_state == SCTP_CANT_STR_ASSOC)) && (n > 0)) {
-		printf(", ABORT =");
+		fprintf(stderr, ", ABORT =");
 		for (i = 0; i < n; i++) {
-			printf(" 0x%02x", sac->sac_info[i]);
+			fprintf(stderr, " 0x%02x", sac->sac_info[i]);
 		}
 	}
-	printf(".\n");
+	fprintf(stderr, ".\n");
 	return;
 }
 
@@ -155,31 +163,31 @@
 		addr = addr_buf;
 		break;
 	}
-	printf("Peer address %s is now ", addr);
+	fprintf(stderr, "Peer address %s is now ", addr);
 	switch (spc->spc_state) {
 	case SCTP_ADDR_AVAILABLE:
-		printf("SCTP_ADDR_AVAILABLE");
+		fprintf(stderr, "SCTP_ADDR_AVAILABLE");
 		break;
 	case SCTP_ADDR_UNREACHABLE:
-		printf("SCTP_ADDR_UNREACHABLE");
+		fprintf(stderr, "SCTP_ADDR_UNREACHABLE");
 		break;
 	case SCTP_ADDR_REMOVED:
-		printf("SCTP_ADDR_REMOVED");
+		fprintf(stderr, "SCTP_ADDR_REMOVED");
 		break;
 	case SCTP_ADDR_ADDED:
-		printf("SCTP_ADDR_ADDED");
+		fprintf(stderr, "SCTP_ADDR_ADDED");
 		break;
 	case SCTP_ADDR_MADE_PRIM:
-		printf("SCTP_ADDR_MADE_PRIM");
+		fprintf(stderr, "SCTP_ADDR_MADE_PRIM");
 		break;
 	case SCTP_ADDR_CONFIRMED:
-		printf("SCTP_ADDR_CONFIRMED");
+		fprintf(stderr, "SCTP_ADDR_CONFIRMED");
 		break;
 	default:
-		printf("UNKNOWN");
+		fprintf(stderr, "UNKNOWN");
 		break;
 	}
-	printf(" (error = 0x%08x).\n", spc->spc_error);
+	fprintf(stderr, " (error = 0x%08x).\n", spc->spc_error);
 	return;
 }
 
@@ -189,36 +197,36 @@
 	size_t i, n;
 
 	if (ssfe->ssfe_flags & SCTP_DATA_UNSENT) {
-		printf("Unsent ");
+		fprintf(stderr, "Unsent ");
 	}
 	if (ssfe->ssfe_flags & SCTP_DATA_SENT) {
-		printf("Sent ");
+		fprintf(stderr, "Sent ");
 	}
 	if (ssfe->ssfe_flags & ~(SCTP_DATA_SENT | SCTP_DATA_UNSENT)) {
-		printf("(flags = %x) ", ssfe->ssfe_flags);
+		fprintf(stderr, "(flags = %x) ", ssfe->ssfe_flags);
 	}
-	printf("message with PPID = %u, SID = %u, flags: 0x%04x due to error = 0x%08x",
+	fprintf(stderr, "message with PPID = %u, SID = %u, flags: 0x%04x due to error = 0x%08x",
 	       ntohl(ssfe->ssfe_info.snd_ppid), ssfe->ssfe_info.snd_sid,
 	       ssfe->ssfe_info.snd_flags, ssfe->ssfe_error);
 	n = ssfe->ssfe_length - sizeof(struct sctp_send_failed_event);
 	for (i = 0; i < n; i++) {
-		printf(" 0x%02x", ssfe->ssfe_data[i]);
+		fprintf(stderr, " 0x%02x", ssfe->ssfe_data[i]);
 	}
-	printf(".\n");
+	fprintf(stderr, ".\n");
 	return;
 }
 
 static void
 handle_adaptation_indication(struct sctp_adaptation_event *sai)
 {
-	printf("Adaptation indication: %x.\n", sai-> sai_adaptation_ind);
+	fprintf(stderr, "Adaptation indication: %x.\n", sai-> sai_adaptation_ind);
 	return;
 }
 
 static void
 handle_shutdown_event(struct sctp_shutdown_event *sse)
 {
-	printf("Shutdown event.\n");
+	fprintf(stderr, "Shutdown event.\n");
 	/* XXX: notify all channels. */
 	return;
 }
@@ -229,31 +237,31 @@
 	uint32_t n, i;
 
 	n = (strrst->strreset_length - sizeof(struct sctp_stream_reset_event)) / sizeof(uint16_t);
-	printf("Stream reset event: flags = %x, ", strrst->strreset_flags);
+	fprintf(stderr, "Stream reset event: flags = %x, ", strrst->strreset_flags);
 	if (strrst->strreset_flags & SCTP_STREAM_RESET_INCOMING_SSN) {
 		if (strrst->strreset_flags & SCTP_STREAM_RESET_OUTGOING_SSN) {
-			printf("incoming/");
+			fprintf(stderr, "incoming/");
 		}
-		printf("incoming ");
+		fprintf(stderr, "incoming ");
 	}
 	if (strrst->strreset_flags & SCTP_STREAM_RESET_OUTGOING_SSN) {
-		printf("outgoing ");
+		fprintf(stderr, "outgoing ");
 	}
-	printf("stream ids = ");
+	fprintf(stderr, "stream ids = ");
 	for (i = 0; i < n; i++) {
 		if (i > 0) {
-			printf(", ");
+			fprintf(stderr, ", ");
 		}
-		printf("%d", strrst->strreset_stream_list[i]);
+		fprintf(stderr, "%d", strrst->strreset_stream_list[i]);
 	}
-	printf(".\n");
+	fprintf(stderr, ".\n");
 	return;
 }
 
 static void
 handle_stream_change_event(struct sctp_stream_change_event *strchg)
 {
-	printf("Stream change event: streams (in/out) = (%u/%u), flags = %x.\n",
+	fprintf(stderr, "Stream change event: streams (in/out) = (%u/%u), flags = %x.\n",
 	       strchg->strchange_instrms, strchg->strchange_outstrms, strchg->strchange_flags);
 	return;
 }
@@ -264,11 +272,11 @@
 	size_t i, n;
 
 	n = sre->sre_length - sizeof(struct sctp_remote_error);
-	printf("Remote Error (error = 0x%04x): ", sre->sre_error);
+	fprintf(stderr, "Remote Error (error = 0x%04x): ", sre->sre_error);
 	for (i = 0; i < n; i++) {
-		printf(" 0x%02x", sre-> sre_data[i]);
+		fprintf(stderr, " 0x%02x", sre-> sre_data[i]);
 	}
-	printf(".\n");
+	fprintf(stderr, ".\n");
 	return;
 }
 
@@ -279,54 +287,54 @@
 		return;
 	}
 
-	printf("handle_notification : ");
+	fprintf(stderr, "handle_notification : ");
 
 	switch (notif->sn_header.sn_type) {
 	case SCTP_ASSOC_CHANGE:
-		printf("SCTP_ASSOC_CHANGE\n");
+		fprintf(stderr, "SCTP_ASSOC_CHANGE\n");
 		handle_association_change_event(&(notif->sn_assoc_change));
 		break;
 	case SCTP_PEER_ADDR_CHANGE:
-		printf("SCTP_PEER_ADDR_CHANGE\n");
+		fprintf(stderr, "SCTP_PEER_ADDR_CHANGE\n");
 		handle_peer_address_change_event(&(notif->sn_paddr_change));
 		break;
 	case SCTP_REMOTE_ERROR:
-		printf("SCTP_REMOTE_ERROR\n");
+		fprintf(stderr, "SCTP_REMOTE_ERROR\n");
 		handle_remote_error_event(&(notif->sn_remote_error));
 		break;
 	case SCTP_SHUTDOWN_EVENT:
-		printf("SCTP_SHUTDOWN_EVENT\n");
+		fprintf(stderr, "SCTP_SHUTDOWN_EVENT\n");
 		handle_shutdown_event(&(notif->sn_shutdown_event));
 		break;
 	case SCTP_ADAPTATION_INDICATION:
-		printf("SCTP_ADAPTATION_INDICATION\n");
+		fprintf(stderr, "SCTP_ADAPTATION_INDICATION\n");
 		handle_adaptation_indication(&(notif->sn_adaptation_event));
 		break;
 	case SCTP_PARTIAL_DELIVERY_EVENT:
-		printf("SCTP_PARTIAL_DELIVERY_EVENT\n");
+		fprintf(stderr, "SCTP_PARTIAL_DELIVERY_EVENT\n");
 		break;
 	case SCTP_AUTHENTICATION_EVENT:
-		printf("SCTP_AUTHENTICATION_EVENT\n");
+		fprintf(stderr, "SCTP_AUTHENTICATION_EVENT\n");
 		break;
 	case SCTP_SENDER_DRY_EVENT:
-		printf("SCTP_SENDER_DRY_EVENT\n");
+		fprintf(stderr, "SCTP_SENDER_DRY_EVENT\n");
 		break;
 	case SCTP_NOTIFICATIONS_STOPPED_EVENT:
-		printf("SCTP_NOTIFICATIONS_STOPPED_EVENT\n");
+		fprintf(stderr, "SCTP_NOTIFICATIONS_STOPPED_EVENT\n");
 		break;
 	case SCTP_SEND_FAILED_EVENT:
-		printf("SCTP_SEND_FAILED_EVENT\n");
+		fprintf(stderr, "SCTP_SEND_FAILED_EVENT\n");
 		handle_send_failed_event(&(notif->sn_send_failed_event));
 		break;
 	case SCTP_STREAM_RESET_EVENT:
-		printf("SCTP_STREAM_RESET_EVENT\n");
+		fprintf(stderr, "SCTP_STREAM_RESET_EVENT\n");
 		handle_stream_reset_event(&(notif->sn_strreset_event));
 		break;
 	case SCTP_ASSOC_RESET_EVENT:
-		printf("SCTP_ASSOC_RESET_EVENT\n");
+		fprintf(stderr, "SCTP_ASSOC_RESET_EVENT\n");
 		break;
 	case SCTP_STREAM_CHANGE_EVENT:
-		printf("SCTP_STREAM_CHANGE_EVENT\n");
+		fprintf(stderr, "SCTP_STREAM_CHANGE_EVENT\n");
 		handle_stream_change_event(&(notif->sn_strchange_event));
 		break;
 	default:

diff --git a/programs/programs_helper.h b/programs/programs_helper.h
index 132685a..2a1da5f 100644
--- a/programs/programs_helper.h
+++ b/programs/programs_helper.h

@@ -28,8 +28,38 @@
 #ifndef __PROGRAMS_HELPER_H__
 #define __PROGRAMS_HELPER_H__
 
-void debug_printf(const char *format, ...);
-void handle_notification(union sctp_notification *notif, size_t n);
+#ifndef _WIN32
+#define SCTP_PACKED __attribute__((packed))
+#else
+#pragma pack (push, 1)
+#define SCTP_PACKED
+#endif
+
+struct sctp_chunk_header {
+	uint8_t chunk_type;	/* chunk type */
+	uint8_t chunk_flags;	/* chunk flags */
+	uint16_t chunk_length;	/* chunk length */
+	/* optional params follow */
+} SCTP_PACKED;
+
+struct sctp_init_chunk {
+	struct sctp_chunk_header ch;
+	uint32_t initiate_tag;	/* initiate tag */
+	uint32_t a_rwnd;	/* a_rwnd */
+	uint16_t num_outbound_streams;	/* OS */
+	uint16_t num_inbound_streams;	/* MIS */
+	uint32_t initial_tsn;	/* I-TSN */
+	/* optional param's follow */
+} SCTP_PACKED;
+
+#ifdef _WIN32
+#pragma pack(pop)
+#endif
+
+#undef SCTP_PACKED
+
+void
+handle_notification(union sctp_notification *notif, size_t n);
 #ifndef timersub
 #define timersub(tvp, uvp, vvp)                                   \
 	do {                                                      \
@@ -42,4 +72,16 @@
 	} while (0)
 #endif
 
-#endif /* __PROGRAMS_HELPER_H__ */ 
+void
+debug_printf_runtime(void);
+
+void
+debug_printf_stack(const char *format, ...);
+
+#define debug_printf(...)                       \
+	do {                                        \
+		fprintf(stderr, "[P]");                 \
+		debug_printf_runtime();                 \
+		fprintf(stderr, __VA_ARGS__);           \
+	} while (0)
+#endif /* __PROGRAMS_HELPER_H__ */

diff --git a/programs/rtcweb.c b/programs/rtcweb.c
index ef67ee4..1bf3b18 100644
--- a/programs/rtcweb.c
+++ b/programs/rtcweb.c

@@ -1328,9 +1328,9 @@
 	char addrbuf[INET_ADDRSTRLEN];
 
 	if (argc > 1) {
-		usrsctp_init(atoi(argv[1]), NULL, debug_printf);
+		usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
 	} else {
-		usrsctp_init(9899, NULL, debug_printf);
+		usrsctp_init(9899, NULL, debug_printf_stack);
 	}
 #ifdef SCTP_DEBUG
 	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_NONE);

diff --git a/programs/st_client.c b/programs/st_client.c
index 35d20aa..933a16a 100644
--- a/programs/st_client.c
+++ b/programs/st_client.c

@@ -274,7 +274,7 @@
 		return (-1);
 	}
 #endif
-	usrsctp_init_nothreads(0, conn_output, debug_printf);
+	usrsctp_init_nothreads(0, conn_output, debug_printf_stack);
 	/* set up a connected UDP socket */
 #ifdef _WIN32
 	if ((fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == INVALID_SOCKET) {

diff --git a/programs/tsctp.c b/programs/tsctp.c
index 94c2a0a..c2fa4ae 100644
--- a/programs/tsctp.c
+++ b/programs/tsctp.c

@@ -564,7 +564,7 @@
 	local_addr.sin_port = htons(local_port);
 	local_addr.sin_addr.s_addr = srcAddr;
 
-	usrsctp_init(local_udp_port, NULL, debug_printf);
+	usrsctp_init(local_udp_port, NULL, debug_printf_stack);
 #ifdef SCTP_DEBUG
 	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_ALL);
 #endif

diff --git a/programs/tsctp_upcall.c b/programs/tsctp_upcall.c
index 16676c3..fab5689 100644
--- a/programs/tsctp_upcall.c
+++ b/programs/tsctp_upcall.c

@@ -622,7 +622,7 @@
 	local_addr.sin_port = htons(local_port);
 	local_addr.sin_addr.s_addr = src_addr;
 
-	usrsctp_init(local_udp_port, NULL, debug_printf);
+	usrsctp_init(local_udp_port, NULL, debug_printf_stack);
 #ifdef SCTP_DEBUG
 	usrsctp_sysctl_set_sctp_debug_on(SCTP_DEBUG_ALL);
 #endif

diff --git a/usrsctplib/netinet/sctputil.c b/usrsctplib/netinet/sctputil.c
index 69e936c..92215b5 100755
--- a/usrsctplib/netinet/sctputil.c
+++ b/usrsctplib/netinet/sctputil.c

@@ -913,9 +913,15 @@
 	 * numbers, but thats ok too since that is random as well :->
 	 */
 	m->store_at = 0;
+#if defined(__Userspace__) && defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+	for (int i = 0; i < (int) (sizeof(m->random_store) / sizeof(int)); i++) {
+		m->random_store[i] = (uint8_t) rand();
+	}
+#else
 	(void)sctp_hmac(SCTP_HMAC, (uint8_t *)m->random_numbers,
 	    sizeof(m->random_numbers), (uint8_t *)&m->random_counter,
 	    sizeof(m->random_counter), (uint8_t *)m->random_store);
+#endif
 	m->random_counter++;
 }
commit	248221fb77a67e00d2775fcd026e7ea2a7a8b818	[log] [tgz]
author	Felix Weinrank <weinrank@fh-muenster.de>	Thu Sep 26 16:53:56 2019 +0200
committer	Michael Tüxen <tuexen@fh-muenster.de>	Thu Sep 26 16:53:56 2019 +0200
tree	14f767b92cee1fb426001c84df5aaa37e219f136
parent	b07df88c8993722bf4197900bda4646c12ab2f99 [diff]